We are migrating file servers from Windows Server 2003 to Windows Server 2012 R2

Introduction

If you have SMB file servers running on Windows Server 2003, you probably already know that the extended support for this OS will end on July 14, 2015. You can read more about this here .
If you are still using Windows Server 2003, you should start planning to upgrade to the new version right now. The simplest way to migrate old SMB file servers is to use a virtual machine to replace your old virtual machine and transfer data to a new one. Despite the fact that such a transition seems quite simple, you should be careful, because this movement of data requires at least some short idle time.
I am glad that you are reading this article, as this means that you are taking steps to leave your old servers before their support stops.

Steps

In order to test this transition scenario, I configured a Windows Server 2003 machine with a 32-bit version (which I called FILES) and a Hyper-V virtual machine with Windows Server 2012 R2. I also set up a domain controller running Windows Server 2012 R2 and connected both machines to this domain.
The following are the steps I have done to test and identify the details of how to perform the migration:

1. Setting up accounts / groups in Active Directory *
2. Setting up a computer with WS2003 *
3. Preparing for migration (copying source data before final migration)
4. Export Network Folder Information
5. Adding changes after completing Step 3 *
6. Rename Windows Server 2003
7. Final data transfer
8. Creating network folders at destination
9. Rename WS2012R2
10. Change check

Items marked with * are only needed to simulate the environment and should not be executed in your real environment where there is already a running file server installed from Windows Server 2003.
Below you will find a detailed description of each step listed above. Keep in mind that I tried to give the commands that I used in my environment, but you obviously need to configure server names and paths as needed for a specific configuration.

Step 1 - Set up accounts / groups in Active Directory *

First, we will create several user accounts and groups for the domain, with which we will work in the script.
This step must be performed from PowerShell (running as Administrator) on a domain controller running Windows Server 2012 R2.
Earlier versions of Windows Server for a domain controller are also suitable, but I cannot guarantee that the following PowerShell commands will work on all older versions.
IMPORTANT: These commands should only be used to simulate a test environment. Do not run them in your production environment.

$cred = get-credential1..99 | % { New-ADUser -Name User$_ -AccountPassword $cred.password -CannotChangePassword $true -DisplayName "Test $_" -Enabled $true -SamAccountName User$_ }1..99 | % { New-ADGroup -DisplayName "Project $_" -Name Project$_ -GroupCategory Security -GroupScope Global }1..99 | % { $Group = $_; 1..99 | % { Get-ADGroup Project$Group | Add-ADGroupMember -Members User$_ } } 

')

Step 2 - Configure your computer with WS2003

Now we create several local and network folders with different permissions at the file system and network level. It simulates a production environment and helps test that files, local and network folders and permissions have been migrated properly.
These commands must be run from the command line on a test file server running Windows Server 2003. In the JOSE script, this is the domain name.
IMPORTANT: These commands should only be used to simulate a test environment. Do not run them in your production environment.

 md C:\homefolder for /L %%a in (1,1,99) do md C:\homefolder\user%%a for /L %%a in (1,1,99) do NET SHARE share%%a=C:\homefolder\user%%a /GRANT:JOSE\Administrator,FULL /GRANT:JOSE\user%%a,FULL for /L %%a in (1,1,99) do echo y | cacls C:\homefolder\user%%a /E /G JOSE\Administrator:F for /L %%a in (1,1,99) do echo y | cacls C:\homefolder\user%%a /E /G JOSE\user%%a:F md c:\projects for /L %%a in (1,1,99) do md C:\projects\project%%a for /L %%a in (1,1,99) do NET SHARE project%%a=C:\projects\project%%a /GRANT:JOSE\Administrator,FULL /GRANT:JOSE\Project%%a,FULL for /L %%a in (1,1,99) do echo y | cacls c:\projects\project%%a /E /G JOSE\Administrator:F for /L %%a in (1,1,99) do echo y | cacls c:\projects\project%%a /E /G JOSE\project%%a:F for /L %%a in (1,1,99) do xcopy c:\windows\media\*.mid C:\homefolder\user%%a for /L %%a in (1,1,99) do xcopy c:\windows\media\*.mid c:\projects\project%%a 

Step 3 - Preparing for Migration

This step performs the initial copying of data from a file server running Windows Server 2003 to a machine running Windows Server 2012 R2 before the final migration.
By making this first copy of the old file server still available to users, you minimize the downtime required for the final copy. If there are problems with open files or other errors at this stage, it's okay - you will get the opportunity to capture these files later.
You need to make sure that you include all the folders used for your network files. In this example, I assume that the relevant files are in the C: \ homefolder and C: \ projects folders.
IMPORTANT: You must use the same drive letters and the same paths on your new server running Windows Server 2012 R2. Otherwise, the information about network folders will not match, and your migration will not work.
IMPORTANT: This migration process only works if you use domain accounts and domain groups for your permissions. If you use local accounts to share files or assign permissions to the file system, then permissions will not be moved by ROBOCOPY .



This step must be performed on a server running Windows Server 2012 R2 from the command line running as Administrator.

 md C:\homefolder ROBOCOPY /e /xj /r:2 /w:5 /v /it /purge /copyall \\FILES\c$\homefolderc:\homefolder md c:\projects ROBOCOPY /e /xj /r:2 /w:5 /v /it /purge /copyall \\FILES\c$\projects c:\projects 

Step 4 - Export Network Folder Information

We export network folder information from the Windows Server 2003 registry. This information includes network folder names, path to them, and network folder security information (ACL). You can read more about this export procedure here .
This command must be run from the command line on a test file server running Windows Server 2003.
IMPORTANT: This migration process only works if you use domain accounts and domain groups for your permissions. If you use local accounts to share files or assign permissions to the file system, then permissions will not be moved using this export from the registry.

 reg export HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares c:\export.reg 

Step 5 - Adding changes after completing Step 3 * (simulates the existing environment and runs from a file server running WS2003)

This step simulates applying changes to files after the initial copy was done in Step 3. Since some time elapsed between steps 3 and 6, we expect users to continue to make changes to existing files and add new ones. This imitating step helps to ensure that it is possible to capture these changes using commands.
This step must be run from the command line on a test file server running Windows Server 2003.
IMPORTANT: These commands should only be used to simulate a test environment. Do not run them in your production environment.

 for /L %%a in (1,1,99) do xcopy c:\windows\media\r*.wav c:\homefolder\user%%a for /L %%a in (1,1,99) do xcopy c:\windows\media\r*.wav c:\projects\project%%a 

Step 6 - Rename Windows Server 2003 (*** Here starts idle time ***)

In this step, you must rename your computer under Windows Server 2003 management and restart it. This step will be the beginning of downtime for your file server.
Since Windows Server 2003 does not come with the command line option required to perform this operation, use the graphical interface to manually rename the machine from FILES to XFILES. Here it is assumed that FILES is the name of an existing file server (users access data using \\ FILES \ <network-folder-name>); XFILES is an unused name on your network. At this point, your FILES file server will become unavailable.
If you want to automate this step, download the Support Tools and use the command below on a computer running Windows Server 2003.

 NETDOM RENAMECOMPUTER /NEWNAME XFILES /REBOOT /FORCE 

Step 7 - Final Data Transfer

At this stage, changes made to network resources (modification of existing files or creation of new ones) after the initial copy are copied. After the system has been renamed and rebooted, there should not be any connected users, and therefore there should not be any problems with the files during copying.
We will use the same parameters as before, and ROBOCOPY , in order to copy what was changed from the first copy. If the initial copy did not happen very long ago, you will have only a few changes, and this step will not take long.
IMPORTANT: Because this is the last copy, you should review each error and repeat the copy until no problems are found with the files you need.
Run this command from a computer running Windows Server 2012 R2 from the command line running as Administrator.

 ROBOCOPY /e /xj /r:2 /w:5 /v /it /purge /copyall \\XFILES\c$\homefolderc:\homefolder ROBOCOPY /e /xj /r:2 /w:5 /v /it /purge /copyall \\XFILES\c$\projectsc:\projects 

Step 8 - Creating Network Folders at Destination

Import network folder settings from Windows Server 2003 using the file created in step 4.
Run this command from a computer running Windows Server 2012 R2 from the command line running as Administrator.

 reg import \\XFILES\c$\export.reg 

Step 9 - Rename WS2012R2

Now we will rename the computer running Windows Server 2012 R2 to the same name that was used on our old Windows Server 2003, and the migration is complete.
After the system is restarted, customers will be able to access network folders on the new system, and this will result in idle time.
Run this command from a computer running Windows Server 2012 R2 from PowerShell running as Administrator.

 Rename-Computer -NewName FILES -Restart -Force 

Step 10 - Checking the Changes (*** The idle time *** ends here)

The migration is complete, and you can use these commands to ensure that all network folders are migrated correctly. Using these commands, permissions are also checked for some network and local folders to make sure that this part works correctly.
Run this command from a computer running Windows Server 2012 R2 from PowerShell running as Administrator.

 Get-SmbShare Get-SmbShareAccess Share23 Get-SmbShareAccess Project9 Get-Acl c:\homefolder\user23 | Format-List Path, AccessToString Get-Acl c:\projects\project9 | Format-List Path, AccessToString 

Conclusion

I strongly recommend that you set up a test environment before attempting to immediately apply these instructions on the file server running Windows Server 2003 in production. Your test environment should simulate production as precisely as possible. In this case, you can find out detailed information about the procedure and customize the scripts in accordance with the details of your environment.

Good luck with your migration!

useful links

• Try Azure for free for 30 days!
  
• Learn Microsoft Virtual Academy courses
  
  • Basics of building a domain network. Part 2
  • Upgrading the organization's infrastructure using Windows Server 2012 R2
  • Unity Game Programming Introduction
  • Business and the cloud: best practices solutions
  • Cross-Platform Development with Visual Studio
  
  
• Download a trial version of Windows Server 2012 R2
• Download free or trial Visual Studio